> I wonder had you previously updated your machine to have a newer
> gnome-software,
> then disabled bionic-updates to test this ? As then this message may make
> sense.
Ah yes, this is exactly what happened, I had disabled updates in my test
vm to ensure there wasn't any other dependency of
@Steve Beattie
Awesome thanks for doing this so promptly :-)
> - I touched up the versions, since there is no difference besides which
> release they are for
> (https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging
> contains details on how packages are typically
This bug was fixed in the package flatpak - 1.0.7-0ubuntu0.18.10.1
---
flatpak (1.0.7-0ubuntu0.18.10.1) cosmic-security; urgency=medium
* Update to 1.0.7 (LP: #1815528)
* New upstream release
- SECURITY UPDATE: do not let the apply_extra script for a system
installation
This bug was fixed in the package flatpak - 1.0.7-0ubuntu0.18.04.1
---
flatpak (1.0.7-0ubuntu0.18.04.1) bionic-security; urgency=medium
* Update to 1.0.7 (LP: #1815528)
* New upstream release
- SECURITY UPDATE: do not let the apply_extra script for a system
installation
Hi Andrew,
I'll be releasing these in a moment. A couple of things to note:
- I touched up the versions, since there is no difference besides
which release they are for
(https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging
contains details on how packages are typically
Thanks, I'm looking at these now.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1815528
Title:
New upstream microrelease flatpak 1.0.7
To manage notifications about this bug go to:
** Attachment added: "Flatpak cosmic 1.0.6-0ubuntu1.1 to 1.0.7-0ubuntu1.1
debdiff.gz"
https://bugs.launchpad.net/ubuntu/bionic/+source/flatpak/+bug/1815528/+attachment/5238464/+files/flatpak_1.0.6-0ubuntu1.1_to_1.0.7-0ubuntu1.1.cosmic.debdiff.gz
--
You received this bug notification because
** Attachment removed: "Flatpak bionic 1.0.6-0ubuntu0.1 to 1.0.7-0ubuntu0.1
debdiff.gz"
https://bugs.launchpad.net/ubuntu/bionic/+source/flatpak/+bug/1815528/+attachment/5238076/+files/flatpak_1.0.6-0ubuntu0.1_to_1.0.7-0ubuntu0.1.bionic.debdiff.gz
** Attachment removed: "Flatpak cosmic
DSA-4390-1 now uses CVE-2019-8308 to track the vulnerability, I guess I
need to update the changelog of the debdiff to mention this CVE now ? (I
will do this later today)
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-8308
--
You received this bug notification because you are
FYI DSA 4390-1 now tracks the security issue in Debian
https://lists.debian.org/debian-security-announce/2019/msg00030.html
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1815528
Title:
New upstream
** Attachment added: "Flatpak bionic 1.0.6-0ubuntu0.1 to 1.0.7-0ubuntu0.1
debdiff.gz"
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1815528/+attachment/5238076/+files/flatpak_1.0.6-0ubuntu0.1_to_1.0.7-0ubuntu0.1.bionic.debdiff.gz
--
You received this bug notification because you
** Attachment added: "Flatpak cosmic 1.0.6-0ubuntu1.1 to 1.0.7-0ubuntu1.1
debdiff.gz"
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1815528/+attachment/5238077/+files/flatpak_1.0.6-0ubuntu1.1_to_1.0.7-0ubuntu1.1.cosmic.debdiff.gz
** Patch removed: "Flatpak bionic 1.0.6-0ubuntu0.1 to
** Patch added: "Flatpak cosmic 1.0.6-0ubuntu1.1 to 1.0.7-0ubuntu1.1 debdiff"
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1815528/+attachment/5238074/+files/flatpak_1.0.6-0ubuntu1.1_to_1.0.7-0ubuntu1.1.cosmic.debdiff
--
You received this bug notification because you are a member
** Patch added: "Flatpak bionic 1.0.6-0ubuntu0.1 to 1.0.7-0ubuntu0.1 debdiff"
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1815528/+attachment/5238073/+files/flatpak_1.0.6-0ubuntu0.1_to_1.0.7-0ubuntu0.1.bionic.debdiff
--
You received this bug notification because you are a member
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-5736
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1815528
Title:
New
** Also affects: flatpak (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Also affects: flatpak (Ubuntu Bionic)
Importance: Undecided
Status: New
** Changed in: flatpak (Ubuntu)
Status: In Progress => Fix Released
** Changed in: flatpak (Ubuntu Bionic)
** Description changed:
This is a request to SRU the latest microrelease of flatpak into bionic
and cosmic. Which is also a security update similar to the runc
CVE-2019-5736.
Debian bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922059
[Impact]
New upstream
** Description changed:
This is a request to SRU the latest microrelease of flatpak into bionic
and cosmic. Which is also a security update similar to the runc
CVE-2019-5736.
Debian bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922059
[Impact]
New upstream
18 matches
Mail list logo
